<?php
if (!isset($_SESSION['logged']))
    print "<script language='javascript'>
        window.location.href='./?url=404';
        </script>";
else {
    if (isset($_GET['file'])) {
        $iduser = $_SESSION['id'];
        $idfile = $_GET['file'];
        
        $sql = "SELECT *
                FROM `user_file`
                WHERE `user_id` = '$iduser'
                    AND `file_id` = '$idfile';";
        $result = mysql_query($sql, $link);
        $owner = mysql_num_rows($result);

        $sql = "SELECT `f`.*, `t`.`title` as `type`
                FROM `file` `f`, `type` `t`
                WHERE `f`.`id` = '$idfile'
                    AND `f`.`type_id` = `t`.`id`;";
        $result = mysql_query($sql, $link);

        if(mysql_num_rows($result)==0){
            print "<script language='javascript'>
                window.location.href='./?url=404';
                </script>";
        }else{
            $row = mysql_fetch_assoc($result);
            $filetype = strtolower($row['type']);
            $output = parse_url($row['link']);
            parse_str($output['query'], $args_url)
?>
<div id="mainCol" class="clearfix">
    <h3 id="why"><?= (strlen($row['title']) >= 28) ? substr($row['title'], 0, 25) . "..." : $row['title']; ?></h3>
    <ul id="maincon">
        <li class="clearfix last">
            <table width="100%">
                <tr>
                    <td colspan=2>
                        <a href="<?= $row['link']; ?>" title="<?= $row['link']; ?>"><img src="images/link.png" width="24px" height="24px" alt="Link" class="image" /></a>
                    </td>
<?
            if ($owner == 1) {
?>
                    <td align="right">
                        <a href="?url=fileedit&file=<?= $row['id']; ?>" title="Edit"><img src="images/edit.png" width="24px" height="24px" alt="Edit" class="image" /></a>
                        <a href="?url=filedeleting&file=<?= $row['id']; ?>" onclick="return confirm('Are you sure you want to delete this item?');" title="Delete"><img src="images/delete.png" width="24px" height="24px" alt="Delete" class="image" /></a>
                    </td>
<?
            } else {
?>
                    <td align="right">
                        <a href="?url=fileadding&file=<?= $row['id']; ?>" title="I have this file..."><img src="images/add.png" width="24px" height="24px" alt="Add" class="image" /></a>
                    </td>
<?
            }
?>
                </tr>
                <tr>
                <td colspan=3><br></td>
                </tr>
                <tr>
                    <th rowspan=5 width="100px" valign="top">
                        <img src="images/<?= $filetype; ?>.png" title="<?= $row['type']; ?>" width="80px" height="80px" alt="Type" class="image" />
                    </th>
                </tr>
                <tr>
                    <td width="170px"><b>Date In:</b></td>
                    <td align="justify"><?= $row['date_in']; ?></td>
                </tr>
                <tr>
                    <td valign="top"><b>Description:</b></td>
                    <td align="justify" valign="top"><?= $row['description']; ?></td>
                </tr>
                <tr>
                    <td valign="top"><b>People who have this file:</b></td>
<?
                    $sql = "SELECT `u`.`name` FROM `user` `u`, `user_file` `uf` WHERE `uf`.`user_id` = `u`.`id` AND `uf`.`file_id` = $idfile";
                    $result = mysql_query($sql, $link);
                    $owners = "";
                    while($linha = mysql_fetch_assoc($result)){
                        $owners = $owners . $linha['name'] . "<br />";
                    }
                    //$owners = substr($owners, 0, count($owners)-3) . ".";
?>
                    <td align="justify" valign="top"><?= $owners; ?></td>
                </tr>
<?
                    if ($args_url['v']!="") {
?>
                <tr>
                    <td align="center" valign="middle" colspan=2>
                        <br><br>
                        <object width="425" height="350">
                          <param name="movie" value="<?= $row['link']; ?>"></param>
                          <param name="wmode" value="transparent"></param>
                          <embed src="http://www.youtube.com/v/<?= $args_url['v']; ?>" type="application/x-shockwave-flash" wmode="transparent" width="425" height="350"></embed>
                        </object>
                    </td>
                </tr>
<?
                    }
        }
    } else {
        print "<script language='javascript'>
            window.location.href='./?url=404';
            </script>";
    }
?>
            </table>
        </li>
    </ul>
</div>
<?
}
?>
